Joe, if the worm is in a document with the .html suffix, the antivirus program should detect it.

The problem is, Outlook interprets the infected e-mail as HTML, and perhaps the antivirus program doesn't know it will be opened that way.

InnoculateIt does NOT find the worm in my e-mail program's file. If I copy the worm into text and save it as HTML, it does detect it. I suspect if I saved it as a .txt file, InnoculateIt wouldn't notice. I don't think the antivirus stuff looks for the nasty script in just any file - I think it looks for the nasty script in a specific format - indicating how it will be opened.

Could be wrong, though.